diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-02 15:11:04 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-11-02 15:11:04 +0300 |
commit | ed509186782d16d2bbcb34ac73303e8cb3a9d5a2 (patch) | |
tree | 4ab3bbb33b37e9e4c0f73627617ea6b0c7d0d7f7 /app | |
parent | 44837830832a41a6fe6360aca18e50826c723fd1 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app')
30 files changed, 113 insertions, 45 deletions
diff --git a/app/assets/javascripts/diffs/components/diff_discussions.vue b/app/assets/javascripts/diffs/components/diff_discussions.vue index 25d3bda147b..9e399a642d0 100644 --- a/app/assets/javascripts/diffs/components/diff_discussions.vue +++ b/app/assets/javascripts/diffs/components/diff_discussions.vue @@ -88,6 +88,7 @@ export default { :discussions-by-diff-order="true" :line="line" :help-page-path="helpPagePath" + :should-scroll-to-note="false" @noteDeleted="deleteNoteHandler" > <template v-if="renderAvatarBadge" #avatar-badge> diff --git a/app/assets/javascripts/notes/components/discussion_notes.vue b/app/assets/javascripts/notes/components/discussion_notes.vue index 2dbc9b10836..3e8cddc3174 100644 --- a/app/assets/javascripts/notes/components/discussion_notes.vue +++ b/app/assets/javascripts/notes/components/discussion_notes.vue @@ -52,6 +52,11 @@ export default { required: false, default: false, }, + shouldScrollToNote: { + type: Boolean, + required: false, + default: true, + }, }, computed: { ...mapGetters(['userCanReply']), @@ -133,6 +138,7 @@ export default { :discussion-root="true" :discussion-resolve-path="discussion.resolve_path" :is-overview-tab="isOverviewTab" + :should-scroll-to-note="shouldScrollToNote" @handleDeleteNote="$emit('deleteNote')" @startReplying="$emit('startReplying')" > @@ -183,6 +189,7 @@ export default { :discussion-root="index === 0" :discussion-resolve-path="discussion.resolve_path" :is-overview-tab="isOverviewTab" + :should-scroll-to-note="shouldScrollToNote" @handleDeleteNote="$emit('deleteNote')" > <template #avatar-badge> diff --git a/app/assets/javascripts/notes/components/noteable_discussion.vue b/app/assets/javascripts/notes/components/noteable_discussion.vue index 50d166b6db5..b668d6ec182 100644 --- a/app/assets/javascripts/notes/components/noteable_discussion.vue +++ b/app/assets/javascripts/notes/components/noteable_discussion.vue @@ -73,6 +73,11 @@ export default { required: false, default: false, }, + shouldScrollToNote: { + type: Boolean, + required: false, + default: true, + }, }, data() { return { @@ -288,6 +293,7 @@ export default { :line="line" :should-group-replies="shouldGroupReplies" :is-overview-tab="isOverviewTab" + :should-scroll-to-note="shouldScrollToNote" @startReplying="showReplyForm" @deleteNote="deleteNoteHandler" > diff --git a/app/assets/javascripts/notes/components/noteable_note.vue b/app/assets/javascripts/notes/components/noteable_note.vue index c4b3111b919..8ce0c2f8648 100644 --- a/app/assets/javascripts/notes/components/noteable_note.vue +++ b/app/assets/javascripts/notes/components/noteable_note.vue @@ -91,6 +91,11 @@ export default { required: false, default: false, }, + shouldScrollToNote: { + type: Boolean, + required: false, + default: true, + }, }, data() { return { @@ -222,7 +227,7 @@ export default { }, mounted() { - if (this.isTarget) { + if (this.isTarget && this.shouldScrollToNote) { this.scrollToNoteIfNeeded($(this.$el)); } }, diff --git a/app/assets/javascripts/vue_shared/components/sidebar/labels_select_widget/label_item.vue b/app/assets/javascripts/vue_shared/components/sidebar/labels_select_widget/label_item.vue index caeee2df7e5..314ffbaf84c 100644 --- a/app/assets/javascripts/vue_shared/components/sidebar/labels_select_widget/label_item.vue +++ b/app/assets/javascripts/vue_shared/components/sidebar/labels_select_widget/label_item.vue @@ -10,7 +10,7 @@ export default { </script> <template> - <div class="gl-display-flex gl-align-items-center"> + <div class="gl-display-flex gl-align-items-center gl-word-break-word"> <span class="dropdown-label-box gl-flex-shrink-0 gl-top-0 gl-mr-3" :style="{ 'background-color': label.color }" diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb index 7c3401a7e90..1dd9c546be3 100644 --- a/app/controllers/concerns/issuable_actions.rb +++ b/app/controllers/concerns/issuable_actions.rb @@ -170,9 +170,10 @@ module IssuableActions discussions = Discussion.build_collection(notes, issuable) - if issuable.is_a?(MergeRequest) + case issuable + when MergeRequest render_mr_discussions(discussions, discussion_serializer, discussion_cache_context) - elsif issuable.is_a?(Issue) + when Issue render json: discussion_serializer.represent(discussions, context: self) if stale?(etag: [discussion_cache_context, discussions]) else render json: discussion_serializer.represent(discussions, context: self) diff --git a/app/controllers/groups/dependency_proxy/application_controller.rb b/app/controllers/groups/dependency_proxy/application_controller.rb index f7337a3cdb1..300a82eed78 100644 --- a/app/controllers/groups/dependency_proxy/application_controller.rb +++ b/app/controllers/groups/dependency_proxy/application_controller.rb @@ -21,10 +21,11 @@ module Groups user_or_deploy_token = ::DependencyProxy::AuthTokenService.user_or_deploy_token_from_jwt(token) - if user_or_deploy_token.is_a?(User) + case user_or_deploy_token + when User @authentication_result = Gitlab::Auth::Result.new(user_or_deploy_token, nil, :user, []) sign_in(user_or_deploy_token) - elsif user_or_deploy_token.is_a?(DeployToken) + when DeployToken @authentication_result = Gitlab::Auth::Result.new(user_or_deploy_token, nil, :deploy_token, []) end end diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb index bf8b61db2e5..43bf895ea76 100644 --- a/app/controllers/oauth/authorizations_controller.rb +++ b/app/controllers/oauth/authorizations_controller.rb @@ -4,7 +4,7 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController include InitializesCurrentUserMode include Gitlab::Utils::StrongMemoize - before_action :verify_confirmed_email! + before_action :verify_confirmed_email!, :verify_admin_allowed! layout 'profile' @@ -97,4 +97,19 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController pre_auth.error = :unconfirmed_email render "doorkeeper/authorizations/error" end + + def verify_admin_allowed! + render "doorkeeper/authorizations/forbidden" if disallow_connect? + end + + def disallow_connect? + # we're disabling Cop/UserAdmin as OAuth tokens don't seem to respect admin mode + current_user&.admin? && Gitlab::CurrentSettings.disable_admin_oauth_scopes && dangerous_scopes? # rubocop:disable Cop/UserAdmin + end + + def dangerous_scopes? + doorkeeper_application&.includes_scope?(*::Gitlab::Auth::API_SCOPE, *::Gitlab::Auth::READ_API_SCOPE, + *::Gitlab::Auth::ADMIN_SCOPES, *::Gitlab::Auth::REPOSITORY_SCOPES, + *::Gitlab::Auth::REGISTRY_SCOPES) && !doorkeeper_application&.trusted? + end end diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index 52a0d5fc84c..cadec97df60 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -52,6 +52,7 @@ class Projects::IssuesController < Projects::ApplicationController before_action only: :show do push_frontend_feature_flag(:issue_assignees_widget, project) push_frontend_feature_flag(:realtime_labels, project) + push_frontend_feature_flag(:work_items_mvc, project&.group) push_force_frontend_feature_flag(:work_items_mvc_2, project&.work_items_mvc_2_feature_flag_enabled?) push_frontend_feature_flag(:work_items_hierarchy, project) push_frontend_feature_flag(:epic_widget_edit_confirmation, project) diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb index 8ec2cbb41e9..14f2e372bc5 100644 --- a/app/controllers/projects/labels_controller.rb +++ b/app/controllers/projects/labels_controller.rb @@ -68,9 +68,10 @@ class Projects::LabelsController < Projects::ApplicationController def generate Gitlab::IssuesLabels.generate(@project) - if params[:redirect] == 'issues' + case params[:redirect] + when 'issues' redirect_to project_issues_path(@project) - elsif params[:redirect] == 'merge_requests' + when 'merge_requests' redirect_to project_merge_requests_path(@project) else redirect_to project_labels_path(@project) diff --git a/app/graphql/types/ci/job_need_union.rb b/app/graphql/types/ci/job_need_union.rb index 59608a6a312..61ad5432db8 100644 --- a/app/graphql/types/ci/job_need_union.rb +++ b/app/graphql/types/ci/job_need_union.rb @@ -8,9 +8,10 @@ module Types possible_types Types::Ci::JobType, Types::Ci::BuildNeedType def self.resolve_type(object, context) - if object.is_a?(::Ci::BuildNeed) + case object + when ::Ci::BuildNeed Types::Ci::BuildNeedType - elsif object.is_a?(CommitStatus) + when CommitStatus Types::Ci::JobType else raise TypeNotSupportedError diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb index c57f355b487..42aad60d1ba 100644 --- a/app/helpers/application_settings_helper.rb +++ b/app/helpers/application_settings_helper.rb @@ -221,6 +221,7 @@ module ApplicationSettingsHelper :default_projects_limit, :default_snippet_visibility, :delete_inactive_projects, + :disable_admin_oauth_scopes, :disable_feed_token, :disabled_oauth_sign_in_sources, :domain_denylist, diff --git a/app/helpers/avatars_helper.rb b/app/helpers/avatars_helper.rb index 617bc0e9bee..798bb7b64a4 100644 --- a/app/helpers/avatars_helper.rb +++ b/app/helpers/avatars_helper.rb @@ -105,9 +105,10 @@ module AvatarsHelper end def avatar_without_link(resource, options = {}) - if resource.is_a?(Namespaces::UserNamespace) + case resource + when Namespaces::UserNamespace user_avatar_without_link(options.merge(user: resource.first_owner)) - elsif resource.is_a?(Group) + when Group group_icon(resource, options.merge(class: 'avatar')) end end diff --git a/app/helpers/broadcast_messages_helper.rb b/app/helpers/broadcast_messages_helper.rb index 10cfa97030d..9827f075e54 100644 --- a/app/helpers/broadcast_messages_helper.rb +++ b/app/helpers/broadcast_messages_helper.rb @@ -77,11 +77,12 @@ module BroadcastMessagesHelper return unless current_user.present? strong_memoize(:current_user_access_level_for_project_or_group) do - if controller.is_a? Projects::ApplicationController + case controller + when Projects::ApplicationController next unless @project @project.team.max_member_access(current_user.id) - elsif controller.is_a? Groups::ApplicationController + when Groups::ApplicationController next unless @group @group.max_member_access_for_user(current_user) diff --git a/app/helpers/issues_helper.rb b/app/helpers/issues_helper.rb index 115cdd432e3..b9c7602126e 100644 --- a/app/helpers/issues_helper.rb +++ b/app/helpers/issues_helper.rb @@ -108,9 +108,10 @@ module IssuesHelper def awards_sort(awards) awards.sort_by do |award, award_emojis| - if award == "thumbsup" + case award + when "thumbsup" 0 - elsif award == "thumbsdown" + when "thumbsdown" 1 else 2 diff --git a/app/helpers/routing/pseudonymization_helper.rb b/app/helpers/routing/pseudonymization_helper.rb index eb4e5d1c01c..dce0517690d 100644 --- a/app/helpers/routing/pseudonymization_helper.rb +++ b/app/helpers/routing/pseudonymization_helper.rb @@ -43,11 +43,12 @@ module Routing private def mask_id(value) - if @request.path_parameters[:controller] == 'projects/blob' + case @request.path_parameters[:controller] + when 'projects/blob' ':repository_path' - elsif @request.path_parameters[:controller] == 'projects' + when 'projects' "project#{@project&.id}" - elsif @request.path_parameters[:controller] == 'groups' + when 'groups' "namespace#{@group&.id}" else value diff --git a/app/helpers/todos_helper.rb b/app/helpers/todos_helper.rb index 2663246ef81..be63d28600f 100644 --- a/app/helpers/todos_helper.rb +++ b/app/helpers/todos_helper.rb @@ -121,9 +121,10 @@ module TodosHelper case todo.target when MergeRequest - if state == 'closed' + case state + when 'closed' background_class = 'gl-bg-red-500' - elsif state == 'merged' + when 'merged' background_class = 'gl-bg-blue-500' end when Issue diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb index ef968c2645c..5659c9c7c0b 100644 --- a/app/models/application_setting.rb +++ b/app/models/application_setting.rb @@ -689,6 +689,9 @@ class ApplicationSetting < ApplicationRecord validates :disable_feed_token, inclusion: { in: [true, false], message: N_('must be a boolean value') } + validates :disable_admin_oauth_scopes, + inclusion: { in: [true, false], message: N_('must be a boolean value') } + before_validation :ensure_uuid! before_validation :coerce_repository_storages_weighted, if: :repository_storages_weighted_changed? before_validation :normalize_default_branch_name diff --git a/app/models/application_setting_implementation.rb b/app/models/application_setting_implementation.rb index d78c6d4a503..308c05d638c 100644 --- a/app/models/application_setting_implementation.rb +++ b/app/models/application_setting_implementation.rb @@ -62,6 +62,7 @@ module ApplicationSettingImplementation diff_max_patch_bytes: Gitlab::Git::Diff::DEFAULT_MAX_PATCH_BYTES, diff_max_files: Commit::DEFAULT_MAX_DIFF_FILES_SETTING, diff_max_lines: Commit::DEFAULT_MAX_DIFF_LINES_SETTING, + disable_admin_oauth_scopes: false, disable_feed_token: false, disabled_oauth_sign_in_sources: [], dns_rebinding_protection_enabled: true, diff --git a/app/models/integrations/jira.rb b/app/models/integrations/jira.rb index 25644dcf83b..30497c0110e 100644 --- a/app/models/integrations/jira.rb +++ b/app/models/integrations/jira.rb @@ -532,13 +532,14 @@ module Integrations end def build_entity_meta(entity) - if entity.is_a?(Commit) + case entity + when Commit { id: entity.short_id, description: entity.safe_message, branch: branch_name(entity) } - elsif entity.is_a?(MergeRequest) + when MergeRequest { id: entity.to_reference, branch: entity.source_branch diff --git a/app/models/members/member_task.rb b/app/models/members/member_task.rb index f093619ff36..6cf6b1adb45 100644 --- a/app/models/members/member_task.rb +++ b/app/models/members/member_task.rb @@ -34,9 +34,10 @@ class MemberTask < ApplicationRecord end def project_in_member_source - if member.is_a?(GroupMember) + case member + when GroupMember errors.add(:project, _('is not in the member group')) unless project.namespace == member.source - elsif member.is_a?(ProjectMember) + when ProjectMember errors.add(:project, _('is not the member project')) unless project == member.source end end diff --git a/app/models/namespace.rb b/app/models/namespace.rb index 12b96f34316..bef68586c66 100644 --- a/app/models/namespace.rb +++ b/app/models/namespace.rb @@ -550,11 +550,12 @@ class Namespace < ApplicationRecord end def shared_runners_setting_higher_than?(other_setting) - if other_setting == SR_ENABLED + case other_setting + when SR_ENABLED false - elsif other_setting == SR_DISABLED_WITH_OVERRIDE + when SR_DISABLED_WITH_OVERRIDE shared_runners_setting == SR_ENABLED - elsif other_setting == SR_DISABLED_AND_UNOVERRIDABLE + when SR_DISABLED_AND_UNOVERRIDABLE shared_runners_setting == SR_ENABLED || shared_runners_setting == SR_DISABLED_WITH_OVERRIDE else raise ArgumentError diff --git a/app/models/packages/go/module_version.rb b/app/models/packages/go/module_version.rb index c442b2416f1..5869a03e081 100644 --- a/app/models/packages/go/module_version.rb +++ b/app/models/packages/go/module_version.rb @@ -21,9 +21,10 @@ module Packages raise ArgumentError, "mod is required" unless mod raise ArgumentError, "commit is required" unless commit - if type == :ref + case type + when :ref raise ArgumentError, "ref is required" unless ref - elsif type == :pseudo + when :pseudo raise ArgumentError, "name is required" unless name raise ArgumentError, "semver is required" unless semver end diff --git a/app/models/work_items/type.rb b/app/models/work_items/type.rb index efffba62379..f5fea356831 100644 --- a/app/models/work_items/type.rb +++ b/app/models/work_items/type.rb @@ -12,12 +12,15 @@ module WorkItems # Base types need to exist on the DB on app startup # This constant is used by the DB seeder + # TODO - where to add new icon names created? BASE_TYPES = { issue: { name: 'Issue', icon_name: 'issue-type-issue', enum_value: 0 }, incident: { name: 'Incident', icon_name: 'issue-type-incident', enum_value: 1 }, test_case: { name: 'Test Case', icon_name: 'issue-type-test-case', enum_value: 2 }, ## EE-only requirement: { name: 'Requirement', icon_name: 'issue-type-requirements', enum_value: 3 }, ## EE-only - task: { name: 'Task', icon_name: 'issue-type-task', enum_value: 4 } + task: { name: 'Task', icon_name: 'issue-type-task', enum_value: 4 }, + objective: { name: 'Objective', icon_name: 'issue-type-objective', enum_value: 5 }, ## EE-only + key_result: { name: 'Key Result', icon_name: 'issue-type-keyresult', enum_value: 6 } ## EE-only }.freeze WIDGETS_FOR_TYPE = { @@ -27,7 +30,9 @@ module WorkItems test_case: [Widgets::Description], requirement: [Widgets::Description], task: [Widgets::Assignees, Widgets::Labels, Widgets::Description, Widgets::Hierarchy, Widgets::StartAndDueDate, - Widgets::Milestone] + Widgets::Milestone], + objective: [Widgets::Assignees, Widgets::Labels, Widgets::Description, Widgets::Hierarchy], + key_result: [Widgets::Assignees, Widgets::Labels, Widgets::Description, Widgets::StartAndDueDate] }.freeze WI_TYPES_WITH_CREATED_HEADER = %w[issue incident].freeze @@ -69,7 +74,7 @@ module WorkItems end def self.allowed_types_for_issues - base_types.keys.excluding('task') + base_types.keys.excluding('task', 'objective', 'key_result') end def default? diff --git a/app/serializers/group_child_serializer.rb b/app/serializers/group_child_serializer.rb index 789707c2c9b..54e65752163 100644 --- a/app/serializers/group_child_serializer.rb +++ b/app/serializers/group_child_serializer.rb @@ -39,12 +39,13 @@ class GroupChildSerializer < BaseSerializer def represent_hierarchy(hierarchy, opts) serializer = self.class.new(params) - if hierarchy.is_a?(Hash) + case hierarchy + when Hash hierarchy.map do |parent, children| serializer.represent(parent, opts) .merge(children: Array.wrap(serializer.represent_hierarchy(children, opts))) end - elsif hierarchy.is_a?(Array) + when Array hierarchy.flat_map { |child| serializer.represent_hierarchy(child, opts) } else serializer.represent(hierarchy, opts) diff --git a/app/services/google_cloud/generate_pipeline_service.rb b/app/services/google_cloud/generate_pipeline_service.rb index 610ff47ef2a..b6438d6f501 100644 --- a/app/services/google_cloud/generate_pipeline_service.rb +++ b/app/services/google_cloud/generate_pipeline_service.rb @@ -34,7 +34,8 @@ module GoogleCloud end def generate_commit_attributes - if action == ACTION_DEPLOY_TO_CLOUD_RUN + case action + when ACTION_DEPLOY_TO_CLOUD_RUN branch_name = "deploy-to-cloud-run-#{SecureRandom.hex(8)}" { commit_message: 'Enable Cloud Run deployments', @@ -43,7 +44,7 @@ module GoogleCloud branch_name: branch_name, start_branch: branch_name } - elsif action == ACTION_DEPLOY_TO_CLOUD_STORAGE + when ACTION_DEPLOY_TO_CLOUD_STORAGE branch_name = "deploy-to-cloud-storage-#{SecureRandom.hex(8)}" { commit_message: 'Enable Cloud Storage deployments', diff --git a/app/services/issuable/bulk_update_service.rb b/app/services/issuable/bulk_update_service.rb index 238f5ebddae..30444fa3938 100644 --- a/app/services/issuable/bulk_update_service.rb +++ b/app/services/issuable/bulk_update_service.rb @@ -68,9 +68,10 @@ module Issuable end def find_issuables(parent, model_class, ids) - if parent.is_a?(Project) + case parent + when Project projects = parent - elsif parent.is_a?(Group) + when Group projects = parent.all_projects else return diff --git a/app/services/todo_service.rb b/app/services/todo_service.rb index 6ae394072c6..06352d36215 100644 --- a/app/services/todo_service.rb +++ b/app/services/todo_service.rb @@ -329,11 +329,12 @@ class TodoService commit_id: nil } - if target.is_a?(Commit) + case target + when Commit attributes.merge!(target_id: nil, commit_id: target.id) - elsif target.is_a?(Issue) + when Issue attributes[:issue_type] = target.issue_type - elsif target.is_a?(Discussion) + when Discussion attributes.merge!(target_type: nil, target_id: nil, discussion: target) end diff --git a/app/services/user_project_access_changed_service.rb b/app/services/user_project_access_changed_service.rb index ceaf21bb926..f7178ee9bb6 100644 --- a/app/services/user_project_access_changed_service.rb +++ b/app/services/user_project_access_changed_service.rb @@ -21,9 +21,10 @@ class UserProjectAccessChangedService if blocking AuthorizedProjectsWorker.bulk_perform_and_wait(bulk_args) else - if priority == HIGH_PRIORITY + case priority + when HIGH_PRIORITY AuthorizedProjectsWorker.bulk_perform_async(bulk_args) # rubocop:disable Scalability/BulkPerformWithContext - elsif priority == MEDIUM_PRIORITY + when MEDIUM_PRIORITY AuthorizedProjectUpdate::UserRefreshWithLowUrgencyWorker.bulk_perform_in(MEDIUM_DELAY, bulk_args, batch_size: 100, batch_delay: 30.seconds) # rubocop:disable Scalability/BulkPerformWithContext else with_related_class_context do diff --git a/app/views/doorkeeper/authorizations/forbidden.html.haml b/app/views/doorkeeper/authorizations/forbidden.html.haml new file mode 100644 index 00000000000..9cad5ce62d8 --- /dev/null +++ b/app/views/doorkeeper/authorizations/forbidden.html.haml @@ -0,0 +1,5 @@ +%h1.page-title.gl-font-size-h-display= _("Forbidden") +%main{ :role => "main" } + %p + = sprite_icon('warning-solid') + = (_("Administrators are not permitted to connect applications with these scopes: %{code_open}api%{code_close}, %{code_open}read_api%{code_close}, %{code_open}read_repository%{code_close}, %{code_open}write_repository%{code_close}, %{code_open}write_registry%{code_close}, %{code_open}read_registry%{code_close}, and %{code_open}sudo%{code_close}. To permit this, change the %{code_open}disable_admin_oauth_scopes%{code_close} setting using the API.") % { code_open: '<code>', code_close: '</code>' }).html_safe |